{"id":22753586,"url":"https://github.com/starryinternet/sysadmin","last_synced_at":"2026-03-02T04:01:58.520Z","repository":{"id":47029641,"uuid":"91130838","full_name":"StarryInternet/sysadmin","owner":"StarryInternet","description":"An embedded database and system configuration tool","archived":false,"fork":false,"pushed_at":"2023-08-15T13:46:58.000Z","size":373,"stargazers_count":11,"open_issues_count":11,"forks_count":8,"subscribers_count":9,"default_branch":"master","last_synced_at":"2025-10-24T03:39:29.729Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/StarryInternet.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2017-05-12T21:25:43.000Z","updated_at":"2024-12-20T18:26:31.000Z","dependencies_parsed_at":"2025-04-14T15:44:18.710Z","dependency_job_id":"c214b1e6-88e0-42f8-892e-d7efc12838d1","html_url":"https://github.com/StarryInternet/sysadmin","commit_stats":null,"previous_names":[],"tags_count":16,"template":false,"template_full_name":null,"purl":"pkg:github/StarryInternet/sysadmin","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/StarryInternet%2Fsysadmin","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/StarryInternet%2Fsysadmin/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/StarryInternet%2Fsysadmin/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/StarryInternet%2Fsysadmin/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/StarryInternet","download_url":"https://codeload.github.com/StarryInternet/sysadmin/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/StarryInternet%2Fsysadmin/sbom","scorecard":{"id":133853,"data":{"date":"2025-08-11","repo":{"name":"github.com/StarryInternet/sysadmin","commit":"beee92e72a0c3afa3aeb396855aa42c96e8989a8"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4.3,"checks":[{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Code-Review","score":8,"reason":"Found 11/13 approved changesets -- score normalized to 8","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: containerImage not pinned by hash: Dockerfile:1: pin your Docker image by updating starryoss/sysadmin-build:latest to starryoss/sysadmin-build:latest@sha256:aa4947fa7ee3950651e080c49c71067ceb75f488c5ad788216c02945f3c1c42f","Warn: containerImage not pinned by hash: docker_builds/Dockerfile:1: pin your Docker image by updating fedora:31 to fedora:31@sha256:444773966064dcc3c268d8b496e76dbbbb49d16586d5a969c4082579e6b77616","Info:   0 out of   2 containerImage dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 28 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-16T05:52:22.328Z","repository_id":47029641,"created_at":"2025-08-16T05:52:22.328Z","updated_at":"2025-08-16T05:52:22.328Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29992286,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-02T01:47:34.672Z","status":"online","status_checked_at":"2026-03-02T02:00:07.342Z","response_time":60,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-11T06:11:47.094Z","updated_at":"2026-03-02T04:01:58.505Z","avatar_url":"https://github.com/StarryInternet.png","language":"C++","funding_links":[],"categories":[],"sub_categories":[],"readme":"# sysadmin\n\n[![Build Status](https://travis-ci.org/StarryInternet/sysadmin.svg?branch=master)](https://travis-ci.org/StarryInternet/sysadmin)\n\nLike system administrators in big companies, `sysadmin` configures things\n\n## About\n\nsysadmin's main goal is to be a system configuration manager. It accomplishes\nthat by providing a typed key value database, on which you the user can create\n\"hooks\".  These hooks allow you to do one or both of the following things, in\nresponse to keys or groups of keys changing their values:\n\n1. Render jinja2 based templates and save them to the system\n2. Run arbitrary scripts\n\nFor example, say you have a set of keys whose values reflect DHCP settings:\n\n```bash\nnetwork.dhcp.endip = \"192.168.99.200\"\nnetwork.dhcp.lease = 720\nnetwork.dhcp.router_ip = \"192.168.99.1\"\nnetwork.dhcp.router_netmask = \"255.255.255.0\"\nnetwork.dhcp.startip = \"192.168.99.100\"\nnetwork.dhcp.static_assignments = []\n```\n\nTwo hooks exist to service these keys:\n\n1. A jinja2 template which renders a [dnsmasq](http://www.thekelleys.org.uk/dnsmasq/doc.html)\n   configuration file which reflects the current values\n2. A simple redirection script which knows to restart the dnsmasq service\n   via systemd\n\nsysadmin allows you to change the value of one or more of these keys, then\n`commit` them all at once, at which point the 2 hooks above are run. From a\nuser's perspective, they need only know what values they want, and sysadmin\ntakes care of the messy, system level details via its hooks.\n\n## Dependencies\n\nsysadmin's dependencies are codified in its `CMakeLists.txt` files, but the key\nones are as follows:\n\n- decibel-cpp, which is included with sysadmin and built when sysadmin is\n  built. It is a C++ wrapper around libuv, and additional abstractions built\n  with folly\n- [libuv](https://github.com/libuv/libuv) is a C event loop library\n- [boost](http://www.boost.org/) is boost\n- [folly](https://github.com/facebook/folly) is a C++ library, primarily\n  used for its excellent futures code\n- [protobufs](https://developers.google.com/protocol-buffers/) provides the API\n  to sysadmin\n- [yaml-cpp](https://github.com/jbeder/yaml-cpp) provides YAML config file\n  support\n\n## Systemd Integration\n\nsysadmin can integrate with systemd as a `notify` type service which can\nprevent races between other services that rely on sysadmin for configuration.\nIn order to build sysadmin with systemd notify support you need to pass\n`-DSYSADMIN_USE_SD_NOTIFY` during step 3 outlined below. When building sysadmin\nin this configuration `libsystemd` becomes a required dependency.\n\nSee [sysadmin-notify.service](configs/prod/sysadmin-notify.service) for a\nsystemd service definition that incorporates this functionality.\n\n## Development\n\nGenerally speaking, build as follows:\n\n```bash\ngit submodule update --init --recursive\nmkdir build\ncd build\ncmake ..\nmake check\nmake\n```\n\n`make check` runs only sysadmin's tests. If you wish to run the `decibel-cpp`\ntests, run `make decibel-check`.\n\n## Dockerized Development\n\nFor consistency it's recommended to build and test in Docker. We will try to\nkeep the dependencies in the image on [Dockerhub](https://hub.docker.com/r/starryoss/sysadmin-build/)\nup to date.\n\nThe docker commands are wrapped in the `docker_control.sh` script.\n\n```bash\n# Make sure you have submodules\ngit submodule update --init --recursive\n\n# Pull the dependency image and build the user image.\n./docker_control.sh -b\n\n# You should not need to do this, but if you really want\n# to build the dependency image you can with:\n./docker_control.sh -d latest\n```\n\nThis pulls the dependency image and creates a \"user\" image for running builds.\nTo build Sysadmin inside the container you will start a container with the\ncode mounted in. Note that you run as a non-root user with your host UID\ninside the container so you shouldn't have to worry about permissions on\nfiles you create.\n\n```bash\n# build and test in a single command. Non-interactive\n./docker_control.sh -t\n\n# Run the container interactively\n./docker_control.sh -i\n```\n\n## Non-Dockerized Development\n\nIf you're on linux, the included `third-party-build.sh` will pull and install\nall the necessary dependencies.\n\nOn macOS, `brew` is generally able to install all the necessary libraries, at\nleast at the time of writing this. You'll at least need to do the following the\nfirst time:\n\n```bash\nbrew install folly # Folly is the key dependency, and brings boost with it\nbrew install amqp-cpp\nbrew install libuv\nbrew install yaml-cpp\nbrew install protobuf\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstarryinternet%2Fsysadmin","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fstarryinternet%2Fsysadmin","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstarryinternet%2Fsysadmin/lists"}